ADMT & Employment
Hello all, and thanks for reading today.
Read NowGet an overview of the simple, all-in-one data privacy platform
Manage consent for data privacy laws in 50+ countries
Streamline and automate the DSAR workflow
Efficiently manage assessment workflows using custom or pre-built templates
Streamline consent, utilize non-cookie data, and enhance customer trust
Automate and visualize data store discovery and classification
Ensure your customers’ data is in good hands
Key Features & Integrations
Discover how Osano supports CPRA compliance
Learn about the CCPA and how Osano can help
Achieve compliance with one of the world’s most comprehensive data privacy laws
Key resources on all things data privacy
Expert insights on all things privacy
Key resources to further your data privacy education
Meet some of the 5,000+ leaders using Osano to transform their privacy programs
A guide to data privacy in the U.S.
What's the latest from Osano?
Data privacy is complex but you're not alone
Join our weekly newsletter with over 35,000 subscribers
Global experts share insights and compelling personal stories about the critical importance of data privacy
Osano CEO, Arlo Gilbert, covers the history of data privacy and how companies can start a privacy program
Upcoming webinars and in-person events designed for privacy professionals
The Osano story
Become an Osanian and help us build the future of privacy!
We’re eager to hear from you
Updated: May 24, 2022
Published: October 5, 2021
Listen, January 1, 2023, isn't so far away now. That's the date that California's new privacy law comes into effect. And the agency that'll enforce the law is now fully staffed. This week, it named Ashkan Soltani as its executive director, and privacy advocates rejoiced. Really, though, there were a lot of "praise" emojis floating around yesterday.
Soltani is a highly revered expert in the privacy and technology community. This week, he testified at the U.S. Senate committee hearing on federal privacy legislation. As an advisor, Soltani worked with the architect of both the California Consumer Privacy Act and the California Privacy Rights Act, real estate mogul Alastair MacTaggart. And he helped architect the new Global Privacy Control, a universal opt-out recently mandated by the California Attorney General. At the Senate hearing this week, in fact, he asked lawmakers to direct the Federal Trade Commission, where he was once chief technologist, to make Global Privacy Control a "legally adequate opt-out mechanism."
He's got a massive Twitter presence, in part due to high-profile roles as not only the FTC's technologist but also as a senior advisor to the U.S. chief technology officer under the Obama administration. And no, I don't think we can gauge leadership abilities based on Twitter followers. After all, there are some sketchy leaders with thousands of them. But Soltani's 32,000 followers give you an idea that he's not your average technologist.
Industry, however, may be slightly less thrilled about the appointment. Soltani is widely seen as a straightforward person guided strongly by an ethical stance. He's very vocal on social media about the adtech industry and its data collection practices. And I don't mean that he's complimentary. Quite the opposite, usually.
His job will be to oversee the agency's daily operations and its enforcement of California's privacy law, and he's never shy to criticize technology companies about practices he considers shady. In his recent testimony for the Senate, he called for more staffing at the Federal Trade Commission, which enforces consumer privacy. He noted that many of the agreements the FTC has made with Big Tech over their infractions hadn't curbed problematic practices. That's, in part, because it's inadequately staffed and can't keep up with enforcement, he said.
Part of privacy advocates' excitement might be a general frustration with that enforcement. Fairly or unfairly, much has been said about European data protection authorities' pace in taking companies to task for GDPR violations in the EU, for example. Then there's all the kerfuffle (first time I've ever used that word) over the Facebook whistleblower's allegations this week. On the advocacy side, there's momentum building for someone to take the reins on Big Tech. And Soltani fits the bill.
I asked a friend, privacy attorney Calli Schroder at the Electronic Privacy and Information Center, to explain her Twitter posts exalting the news.
She told me, "Appointing a leader like Ashkan with his depth of technical expertise, ability to clearly explain complex issues and dedication to consumer protection demonstrates that the [new agency] will not just be a symbolic body, but will actively engage with the regulations," she said. She added, "He also is the best tech and privacy happy hour host." (Note: Tech Policy Happy Hour, referred to as TPHH, is a big thing here in D.C., and Soltani was the de facto "leader" of the tradition before he moved to the West Coast a few years back. Still, we gather to drink wine and geek out on privacy together. If you come to D.C., I'll take you to one!)
But I digress. This Soltani thing is big news, no matter what side you're coming from. We now know what enforcement of California privacy law will look like for the foreseeable future, and that could be worrisome for ad-tech and Big Tech alike.
Enjoy reading, and I'll see you next week!
Former FTC technologist to direct California privacy enforcement agency
On Monday, the California Privacy Protection Agency (CPPA) named its new leader. Ashkan Soltani, a former chief technologist for the Federal Trade Commission, will serve as executive director. The agency was born out of the California Privacy Rights Act, often referred to as the second version of the California Consumer Privacy Act, or CCPA 2.0. Soltani was one of the architects of both the CPRA and the CCPA and was chosen, in part, because of that, Reuters reports. Privacy advocates and industry alike have lauded the appointment.
Read Story
Senate's privacy law focuses on how to bolster the FTC
The Senate Commerce Subcommittee charged with overseeing privacy held a hearing to discuss a potential federal privacy law in the U.S. and better protect consumers. Witnesses said the Federal Trade Commission, which enforces consumer privacy in the U.S., needs more funding and more staffing. But there was disagreement, as always, among them on whether federal law should provide the right for aggrieved consumers to sue businesses for noncompliance, Ad Law Access reports.
Update: link no longer available.
Suit filed against Google's AI company for alleged sensitive-data sharing
A U.K. law firm has filed a class-action lawsuit against Google's AI company, DeepMind. It alleges an NHS Trust "quietly passed medical information on more than a million pages" to Google as part of an app development project, TechCrunch reports. Last month, Google canceled the project, an app designed to support clinicians called Streams. In 2017, the U.K. privacy commissioner sanctioned the NHS trust involved for passing on sensitive medical information to DeepMind.
Read Story
Analyst: Apple ad-tracking changes indicate Apple wants to compete on ads
In April, Apple launched a software update, including its App Tracking Transparency feature. That allowed users to determine which of their apps it would allow to track their activity across the web. Facebook has said it's losing ad business because of it. RBC Capital Markets, an analyst group, says the privacy changes indicate Apple wants to compete in global advertising.
Read Story
Everything you need to know about the GDPR
The EU General Data Protection Regulation changed the world of privacy law. It obligated companies to make sweeping changes to their data protection and privacy practices to comply or face potentially massive fines. It comes down to this: If your organization collects, uses or stores EU citizens' personal data, regardless of where it's processed, you're covered by this law. In this post, learn the basics of the GDPR and how to begin complying.
Read Story
Are you in the process of refreshing your current privacy policy or building a whole new one? Are you scratching your head over what to include? Use this interactive checklist to guide you.
Download Now
Osano Staff is pseudonym used by team members when authorship may not be relevant. Osanians are a diverse team of free thinkers who enjoy working as part of a distributed team with the common goal of working to make a more transparent internet.
Osano is used by the world's most innovative and forward-thinking companies to easily manage and monitor their privacy compliance.
With Osano, building, managing, and scaling your privacy program becomes simple. Schedule a demo or try a free 30-day trial today.